| Table of Contents | | |
|
Long Term Support 
Stable, tested ServerTemplate assets | |
Objective
To set up an example LAMP (Linux, Apache, MySQL, PHP) all-in-one server with your own application and database in a public/private cloud that can be used for production purposes because it supports continuous backups.
Prerequisites
- 'actor', 'designer', and 'library' user role privileges
- Access to a MySQL 5.1 or 5.5 dump file that is located in an ROS container (e.g. Amazon S3 bucket, Rackspace Cloud Files container, etc.).
- PHP application code that is accessible via a Git or SVN repository, or as a tarball (.tgz) saved in an ROS container.
- For Amazon EC2, CloudStack, and other clouds that support security groups, you must have a security group defined with TCP port 22 open for SSH access and port 80 for client HTTP access.
- A deployment into which you are going to add the server. See Create a New Deployment.
Overview
This tutorial describes the steps for launching a production-ready LAMP server in the cloud.
Before starting the tutorial it's strongly recommended that you read the ServerTemplate's Overview page, which will provide a technical overview of the ServerTemplate's overall functionality.
Steps
Upload your database dump file
The ServerTemplate is designed to retrieve your MySQL database dump file from a supported Remote Object Storage (ROS) service.
- Upload your MySQL database dump file (*.gz) to a supported ROS container.
Sample Files
If you do not have your own dump file you can use the following sample MySQL dump file to complete the tutorial. The sample is a gzip (.gz) file.
- "Unified PHP" Example
- "World" Example
Add a Server
- Create a new deployment. See Create a New Deployment.
- Go to Design > MultiCloud Marketplace > ServerTemplates and import the most recently published revision of the desired ServerTemplate.
- You can use the published revision of the ServerTemplate to launch your LAMP server. However, if you plan to customize the ServerTemplate, clone the template to create an editable version that you can modify.
- Add a server to the new deployment using the imported (or cloned) ServerTemplate. See Add Server Assistant for details.
Create Credentials
Credentials are a way of passing sensitive information to a script (as an input) in a discrete manner without making the actual value visible in the Dashboard. As a best practice, many of the ServerTemplates published by RightScale are preconfigured to use certain credentials. The ServerTemplate assumes that you are following best practices and using credentials to store sensitive information. If the following credentials do not already exist in the RightScale account, you should create them now. Requires 'designer' or 'admin' user role privileges. See Create a New Credential.
If you do not want to create credentials for storing these values, you can enter them as text values later in this tutorial when you define the inputs.
-
DBADMIN_PASSWORD - Password of a database user with admin-level privileges.
-
DBADMIN_USER - Username of a database user with admin-level privileges
-
DBAPPLICATION_PASSWORD - Password of a database user with user-level privileges.
-
DBAPPLICATION_USER - Username of a database user with user-level privileges.
-
GIT_SSH_KEY - (Optional) Recommended if you are retrieving your application code from a private GitHub repository.
-
SVN_PASSWORD - (Optional) Recommended if you are retrieving your application code from an SVN repository.
-
SVN_USER - (Optional) Recommended if you are retrieving your application code from an SVN repository.
-
SSH_KNOWN_HOST_KEY (Optional) - Create a credential with a valid SSH key which will be appended to the /root/.ssh/known_hosts file. Creating and using this credential is optional but highly recommended to prvent MiTM attacks.
Define Inputs
The next step is to define any missing inputs. It's recommended that you define any missing inputs at the deployment level for inheritance and consistency reasons.
This particular ServerTemplate contains scripts that retrieve a MySQL dump file and application code at boot time. In order for the scripts to successfully retrieve the files you will need to provide necessary information.
Under the deployment's Inputs tab, click Edit.
Click the Show all Advanced text link to view the exhaustive list of inputs for all categories.
Retrieve Database Dump
You can retrieve your database dump from one of the following locations:
- Amazon S3
- Rackspace Cloud Files
- Google Cloud Storage
- Microsoft Azure Blob Storage
- Openstack Object Storage (swift)
- SoftLayer Object Storage
APP
| Input Name | Description | Example Value |
| Database Schema Name | The database name/schema of the MySQL dump file. | text: my_schema For the sample 'world' database listed above, use the value: text: world |
DB
| Input Name | Description | Example Value |
| Database Admin Password Database Admin Username | Username and password of a database user with administrator privileges. The admin username and password are used for tasks that require administrator access to the database. | cred: DBADMIN_PASSWORD cred: DBADMIN_USER |
| Database Application Password Database Application Username | Username and password of a database user with user-level privileges. The application username and password allow the application to access the database in a restricted fashion. | cred: DBAPPLICATION_PASSWORD cred: DBAPPLICATION_USER |
| Database Master FQDN | The fully qualified domain name that points to the master database server. For an all-in-one server, use 'localhost'. | text: localhost |
| Dump Container | The name of the Remote Object Storage (ROS) container that contains the MySQL dump file that will be installed on the instance. | text: db-bucket |
| Database Schema Name | The database name/schema of the MySQL dump file. Important! Use the same value that's specified for the Database Schema Name input specified in the 'APP' category above. | text: my_schema For the 'world' example: text: world For the 'unified_php' example: text: my_schema |
| Dump Prefix | The prefix name that will be used to create new database backups or locate a previous backup. For example, if you are using an existing dump file called 'app-test-201109010029.gz' specify 'app-test' as the Dump Prefix. You can also enter the fullname of a dump file without the file extension. (e.g. app-test-201109010029) | text: my_db_prefix For the 'world' example: text: world_innodb For the 'unified_php' example: text: app_test |
| Dump Storage Account ID | In order to retrieve a tarball of the application code that's a "private" object within the specified Remote Object Storage (ROS) location, you must provide proper cloud authentication credentials. For security reasons, it's recommended that you create and use credentials for these values instead of entering the text value. -
Amazon S3 - Amazon Access Key ID (e.g. cred: AWS_ACCESS_KEY_ID)
-
Rackspace Cloud Files - Rackspace login username (e.g. cred: RACKSPACE_USERNAME)
-
Google Cloud Storage - Google Secret Access Key (e.g. cred: GOOGLE_ACCESS_KEY)
-
Microsoft Azure Blob Storage - Azure Storage Account Name (e.g. cred: AZURE_ACCOUNT_NAME)
-
swift - OpenStack Object Storage (Swift) Account ID (tenantID:username) (e.g. cred: SWIFT_ACCOUNT_ID)
-
SoftLayer Object Storage - SoftLayer Username (e.g. cred: SOFTLAYER_USER_ID)
| cred: AWS_ACCESS_KEY_ID |
| Dump Storage Account Provider | The Remote Object Storage (ROS) service where the tarball of the application code will be retrieved from. -
s3 - Amazon S3
-
cloudfiles - Rackspace Cloud Files (United States)
-
cloudfilesuk - Rackspace Cloud Files (United Kingdom)
-
google - Google Cloud Storage
-
azure - Microsoft Azure Blob Storage
-
swift - OpenStack Object Storage
-
SoftLayer_Dallas - SoftLayer's Dallas (USA) cloud
-
SoftLayer_Singapore - SoftLayer's Singapore cloud
-
SoftLayer_Amsterdam - SoftLayer's Amsterdam cloud
| text: s3 |
| Dump Storage Account Secret | In order to retrieve a tarball of the application code that's a "private" object within the specified Remote Object Storage (ROS) location, you must provide proper cloud authentication credentials. For security reasons, it's recommended that you create and use credentials for these values instead of entering the text value. -
Amazon S3 - AWS Secret Access Key (e.g. cred: AWS_SECRET_ACCESS_KEY)
-
Rackspace Cloud Files - Rackspace Account API Key (e.g. cred: RACKSPACE_AUTH_KEY)
-
Google Cloud Storage - Google Secret Access Key (e.g. cred: GOOGLE_SECRET_ACCESS_KEY)
-
Microsoft Azure Blob Storage - Microsoft Primary Access Key (e.g. cred: AZURE_PRIMARY_ACCESS_KEY)
-
swift - OpenStack Object Storage (Swift) Account Password (e.g. cred: SWIFT_ACCOUNT_PASSWORD)
-
SoftLayer Object Storage - SoftLayer API Access Key (e.g. cred: SOFTLAYER_API_KEY)
| cred: AWS_SECRET_ACCESS_KEY |
Retrieve Application Code
You can retrieve application code from one of the following locations:
- Git - Git repository
- SVN - SVN repository
- ROS - Remote Object Storage location (e.g. Amazon S3, Rackspace Cloud Files, etc.) OpenStack Object Storage (Swift) is currently not supported.
- FTP - File Transfer Protocol service
- rsync - Retrieve from another server using rsync
REPO
ALL Repositories (ROS, Git, SVN, FTP)
Use the following input to specify where the application will be retrieved from.
| Input Name | Description | Example Value |
| Repository Provider | Select which repository provider contains the application code. -
repo_git - Git repository
-
repo_svn - SVN repository
-
repo_ros - Remote Object Store. (e.g. Amazon S3, Rackspace Cloud Files, etc.) Select this option to download a tarball (.tgz) of your application code.
-
repo_ftp - File Transfer Protocol (FTP) service
-
repo_rsync - Code will be retrieved using rsync instead of from Repose. Typically used for cookbook development workflows.
| text: repo_git |
| Repository URL/ROS Container | The name of the Remote Object Storage (ROS) container where a tarball (.tgz) of the application code will be retrieved from or the URI that points to the location of the application code repository. -
ROS - container/bucket name
-
GitHub/SVN - Specify the URI that points to the location of the repository that contains the application code. Specify a "read-only" URL. See the examples below.
-
GitHub: git://github.com/username/myapp.git
-
SVN: https://mysvn.net/app
| text: my-container text: git://github.com/username/myapp.git For the 'world' example: text: git://github.com/rs-services/rs_phpmysql_testapp.git |
| Project App root | The destination location where the application code will be placed on the local instance. If you want the application code to be placed in the root directory, use a forward slash (/) otherwise you will need to specify the full path (e.g. /path/to/code). If set to 'ignore' the default location (/home/webapps) will be used. The 'Application Name' input is used to name the destination folder into which the application code will be placed. Apache and Tomcat will look for the application in the specified path. | text: /home/webapps |
| Action | Specify how the application code will be pulled from the specified repository. -
pull - standard repository pull
-
capistrano_pull - standard repository pull plus a capistrano deployment style is applied.
| text: pull |
| Known Hosts SSH Key | (Optional) This input will allow verification of the destination host by comparing its IP, FQDN and SSH-RSA with the record in the /root/.ssh/known_hosts file. This input provides improved security by preventing MiTM attacks. | cred:SSH_KNOWN_HOST_KEY |
Git Repository
Important!
If you are checking out code from a Git repository, specify values for the following inputs.
| Input Name | Description | Example Value |
| Account credential | In order to check out application code from a private (not public) Git repository, you must provide the repository's SSH key (e.g. Git SSH Key) for authentication purposes. Set to 'ignore' if you are using an application in a repository that allows 'public-read' access. | cred: GIT_SSH_KEY For any of the provided sample applications, leave this input unset. |
| Repository Branch/Tag/Commit | The specific branch/tag/SHA of the specified Git repository that the application code should be checked out from. (e.g. mybranch) Use "master" to retrieve the master branch from the repository. | text: mybranch For the sample 'world' application provided, use the value: text: master |
SVN Repository
Important!
If you are checking out code from an SVN repository, specify values for the following inputs.
| Input Name | Description | Example Value |
| Account name Account credential | The username and password required to access and retrieve the application code from the specified SVN repository. | cred: SVN_USER cred: SVN_PASSWORD |
| Repository Branch/Tag/Commit | The specific branch/tag/SHA of the specified Git repository that the application code should be checked out from. (e.g. mybranch) Use "master" to retrieve the master branch from the repository. | text: mybranch |
Remote Object Storage (ROS)
Important!
If you are checking out code from a Remote Object Storage (ROS) location, specify values for the following inputs.
| Input Name | Description | Example Value |
| ROS Prefix | The prefix that will be used to locate the correct tarball of the application. For example, if you're using 'myapp.tgz' specify 'myapp' as the ROS Prefix. | text: myapp |
| Account Name | In order to retrieve a tarball of the application code that's a "private" object within the specified Remote Object Storage (ROS) location, you must provide proper cloud authentication credentials. For security reasons, it's recommended that you create and use credentials for these values instead of entering the text value. -
Amazon S3 - Amazon Access Key ID (e.g. cred: AWS_ACCESS_KEY_ID)
-
Rackspace Cloud Files - Rackspace login username (e.g. cred: RACKSPACE_USERNAME)
-
Google Cloud Storage - Google Secret Access Key (e.g. cred: GOOGLE_ACCESS_KEY)
-
Microsoft Azure Blob Storage - Azure Storage Account Name (e.g. cred: AZURE_ACCOUNT_NAME)
-
swift - Authentication Token (string)
-
SoftLayer Object Storage - SoftLayer Account ID (e.g. cred: SOFTLAYER_USER_ID)
| text: AWS_ACCESS_KEY_ID |
| Account credential | In order to retrieve a tarball of the application code that's a "private" object within the specified Remote Object Storage (ROS) location, you must provide proper cloud authentication credentials. For security reasons, it's recommended that you create and use credentials for these values instead of entering the text value. -
Amazon S3 - AWS Secret Access Key (e.g. cred: AWS_SECRET_ACCESS_KEY)
-
Rackspace Cloud Files - Rackspace Account API Key (e.g. cred: RACKSPACE_AUTH_KEY)
-
Google Cloud Storage - Google Secret Access Key (e.g. cred: GOOGLE_SECRET_ACCESS_KEY)
-
Microsoft Azure Blob Storage - Microsoft Primary Access Key (e.g. cred: AZURE_PRIMARY_ACCESS_KEY)
-
swift - Authentication Token (string)
-
SoftLayer Object Storage - SoftLayer Authentication Token (e.g. cred: SOFTLAYER_API_KEY)
| cred: AWS_SECRET_ACCESS_KEY |
| ROS Storage Account Provider | The Remote Object Storage (ROS) service where the tarball of the application code will be retrieved from. -
s3 - Amazon S3
-
cloudfiles - Rackspace Cloud Files (United States)
-
cloudfilesuk - Rackspace Cloud Files (United Kingdom)
-
google - Google Cloud Storage
-
azure - Microsoft Azure Blob Storage
-
swift - OpenStack Object Storage
-
SoftLayer_Dallas - SoftLayer's Dallas (USA) cloud
-
SoftLayer_Singapore - SoftLayer's Singapore cloud
-
SoftLayer_Amsterdam - SoftLayer's Amsterdam cloud
| text: s3 |
WEB_APACHE
| Input Name | Description | Example Value |
| Application Name | On your application servers, the server subdirectory where your application code files are stored. If you are using dedicated load balancer servers launched with RightScale's "Load Balancer with HAProxy" ServerTemplate, this value must match the Application Name input for your load balancer servers. | text: myapp |
| Multi-Processing Module | Leave this input set to the default, "prefork": the valid value for a PHP server. | text: prefork |
When you are finished defining the inputs, click Save.
Launch the Server
Now that you have finished defining server details, you are ready to launch a server in the cloud with the new settings. Click the server's Launch button.
Review the inputs that you set at the Inputs confirmation page and click Launch.
Post Tutorial Steps
Test the Server
After the server enters the operational state, you can test it to ensure that it was properly configured. To test your server, go to the server's Info tab. You can either copy and paste the server's public IP address into a web browser or click the public DNS name or IP address link (if available).
- For an Amazon EC2 server, click the "Public DNS name" link (see below)
- For servers launched in other clouds, use the "(Public) IP Address"
When you navigate to your running LAMP server in a web browser, you will see your application's default page.
Troubleshooting
If the server is operational but you cannot view the test page in a browser window, make sure your server's security group has port 80 open.
You should also click on the server's Monitoring tab to view real-time monitoring graphs and check out the detailed server information under the Audit Entries tabs.
Terminate the Server
When you finish testing, click Terminate to shutdown the server.
